AutoPentest-DRL
Developed at the Japan Advanced Institute of Science and Technology (JAIST), this tool is primarily designed for . It helps students and researchers understand how attackers move laterally through a network by comparing the AI's output path with the generated attack graphs.
Unlike many purely theoretical models, it can be used to execute attacks on real networks by interfacing with standard security tools like Nmap for reconnaissance and Metasploit for exploitation.
Required for the "Real Attack" mode to execute findings on actual hardware.
Network Configuration: The framework is primarily developed for Ubuntu 18.04 LTS; newer versions may require environment adjustments.
Key Features to Highlight
Logical vs. Real Attack Modes: Users can run a "logical attack" using a sample network topology. In this mode, no actual exploits are launched. Instead, the DRL agent determines the optimal attack path based on the network's configuration, allowing researchers to study attack mechanisms without risk.
It analyzes a network's topology (using description files) to determine the most efficient multi-stage attack path without actually launching any exploits.
The "brain" of the system, often utilizing a Deep Q-Network (DQN). It processes a simplified matrix representation of the attack tree to determine the most feasible or efficient attack path.
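The path selection described above, as an added example that is not AutoPentest-DRL's own code: tabular Q-value iteration stands in for the DQN (same Bellman update, no neural network), and it shows how removing one edge, as a patch or firewall rule would, changes the preferred path. The matrix layout, node names, scores, GAMMA and GOAL_BONUS are all assumptions constructed for illustration.

```python
# Added example: tabular Q-value iteration over a constructed attack matrix.
GAMMA = 0.9          # discount factor (assumed)
GOAL_BONUS = 100.0   # reward for reaching the target node (assumed)

# Constructed sample: MATRIX[i][j] > 0 is the feasibility score of step i -> j.
# Nodes: 0 = entry point, 1 = web server, 2 = file server,
#        3 = workstation, 4 = target.
MATRIX = [
    [0, 8, 0, 3, 0],
    [0, 0, 6, 0, 2],
    [0, 0, 0, 0, 9],
    [0, 0, 5, 0, 0],
    [0, 0, 0, 0, 0],
]

def learn_q(matrix, goal, sweeps=50):
    """Apply the Bellman update to every edge until the values settle."""
    n = len(matrix)
    q = [[0.0] * n for _ in range(n)]
    for _ in range(sweeps):
        for s in range(n):
            for a in range(n):
                if matrix[s][a] <= 0:
                    continue  # no edge, so no action to score
                reward = matrix[s][a] + (GOAL_BONUS if a == goal else 0.0)
                future = 0.0 if a == goal else max(q[a])
                q[s][a] = reward + GAMMA * future
    return q

def best_path(matrix, start, goal):
    """Follow the highest-valued edge from start; None if goal is unreachable."""
    q = learn_q(matrix, goal)
    path, node = [start], start
    while node != goal:
        options = [a for a in range(len(matrix))
                   if matrix[node][a] > 0 and a not in path]
        if not options:
            return None
        node = max(options, key=lambda a: q[node][a])
        path.append(node)
    return path

def without_edge(matrix, src, dst):
    """Copy of the matrix with one edge removed (models a mitigation)."""
    copy = [row[:] for row in matrix]
    copy[src][dst] = 0
    return copy

if __name__ == "__main__":
    print(best_path(MATRIX, 0, 4))
    print(best_path(without_edge(MATRIX, 1, 2), 0, 4))
```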
AutoPentest-DRL demonstrates that deep reinforcement learning can outperform static pentest automation in time-to-compromise and adaptability. While not ready for fully unattended red-team operations, it serves as a powerful augmentation for human pentesters — suggesting high-value attack paths that rigid scanners would miss.